{
AES_KEY ks1, ks2; /* AES key schedules to use */
XTS128_CONTEXT xts;
+ void (*stream)(const unsigned char *in,
+ unsigned char *out, size_t length,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
} EVP_AES_XTS_CTX;
typedef struct
void bsaes_ctr32_encrypt_blocks(const unsigned char *in, unsigned char *out,
size_t len, const AES_KEY *key,
const unsigned char ivec[16]);
+void bsaes_xts_encrypt(const unsigned char *inp, unsigned char *out,
+ size_t len, const AES_KEY *key1,
+ const AES_KEY *key2, const unsigned char iv[16]);
+void bsaes_xts_decrypt(const unsigned char *inp, unsigned char *out,
+ size_t len, const AES_KEY *key1,
+ const AES_KEY *key2, const unsigned char iv[16]);
#endif
#ifdef AES_CTR_ASM
void AES_ctr32_encrypt(const unsigned char *in, unsigned char *out,
size_t blocks, const AES_KEY *key,
const unsigned char ivec[AES_BLOCK_SIZE]);
#endif
+#ifdef AES_XTS_ASM
+void AES_xts_encrypt(const char *inp,char *out,size_t len,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+void AES_xts_decrypt(const char *inp,char *out,size_t len,
+ const AES_KEY *key1, const AES_KEY *key2,
+ const unsigned char iv[16]);
+#endif
#if defined(AES_ASM) && !defined(I386_ONLY) && ( \
((defined(__i386) || defined(__i386__) || \
{
aesni_set_encrypt_key(key, ctx->key_len * 4, &xctx->ks1);
xctx->xts.block1 = (block128_f)aesni_encrypt;
+ xctx->stream = aesni_xts_encrypt;
}
else
{
aesni_set_decrypt_key(key, ctx->key_len * 4, &xctx->ks1);
xctx->xts.block1 = (block128_f)aesni_decrypt;
+ xctx->stream = aesni_xts_decrypt;
}
aesni_set_encrypt_key(key + ctx->key_len/2,
return 1;
}
+#define aesni_xts_cipher aes_xts_cipher
static int aesni_xts_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out,
- const unsigned char *in, size_t len)
- {
- EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
- if (!xctx->xts.key1 || !xctx->xts.key2)
- return -1;
- if (!out || !in)
- return -1;
-#ifdef OPENSSL_FIPS
- /* Requirement of SP800-38E */
- if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
- (len > (1L<<20)*16))
- {
- EVPerr(EVP_F_AESNI_XTS_CIPHER, EVP_R_TOO_LARGE);
- return -1;
- }
-#endif
- if (ctx->encrypt)
- aesni_xts_encrypt(in, out, len,
- xctx->xts.key1, xctx->xts.key2, ctx->iv);
- else
- aesni_xts_decrypt(in, out, len,
- xctx->xts.key1, xctx->xts.key2, ctx->iv);
-
- return len;
- }
+ const unsigned char *in, size_t len);
static int aesni_ccm_init_key(EVP_CIPHER_CTX *ctx, const unsigned char *key,
const unsigned char *iv, int enc)
if (key) do
{
+#ifdef AES_XTS_ASM
+ xctx->stream = enc ? AES_xts_encrypt : AES_xts_decrypt;
+#else
+ xctx->stream = NULL;
+#endif
/* key_len is two AES keys */
+#ifdef BSAES_CAPABLE
+ if (BSAES_CAPABLE)
+ xctx->stream = enc ? bsaes_xts_encrypt : bsaes_xts_decrypt;
+ else
+#endif
#ifdef VPAES_CAPABLE
if (VPAES_CAPABLE)
{
{
EVP_AES_XTS_CTX *xctx = ctx->cipher_data;
if (!xctx->xts.key1 || !xctx->xts.key2)
- return -1;
- if (!out || !in)
- return -1;
+ return 0;
+ if (!out || !in || len<AES_BLOCK_SIZE)
+ return 0;
#ifdef OPENSSL_FIPS
/* Requirement of SP800-38E */
if (FIPS_module_mode() && !(ctx->flags & EVP_CIPH_FLAG_NON_FIPS_ALLOW) &&
- (len > (1L<<20)*16))
+ (len > (1UL<<20)*16))
{
EVPerr(EVP_F_AES_XTS_CIPHER, EVP_R_TOO_LARGE);
- return -1;
+ return 0;
}
#endif
- if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
+ if (xctx->stream)
+ (*xctx->stream)(in, out, len,
+ xctx->xts.key1, xctx->xts.key2, ctx->iv);
+ else if (CRYPTO_xts128_encrypt(&xctx->xts, ctx->iv, in, out, len,
ctx->encrypt))
- return -1;
- return len;
+ return 0;
+ return 1;
}
#define aes_xts_cleanup NULL
projects / oweals / openssl.git / blobdiff